# Setup Routing Lets take a look at what routes Artisan created for the Widgets module by default. Navigate to the Elentra API via the Elentra ME installation as we did before. Do this from inside the Docker container. ``` # log into the Docker container docker exec -it elentra-developer bash # navigate to Elenta API via the composer installation location cd /var/www/vhosts/elentra-1x-me/www-root/core/library/vendor/elentrapackages/elentra-1x-api # list the routes for the widget module php artisan route:list --path=widgets ``` This will give you a single route: ``` +--------+----------+-------------+------+---------+--------------+ | Domain | Method | URI | Name | Action | Middleware | +--------+----------+-------------+------+---------+--------------+ | | GET|HEAD | api/widgets | | Closure | api,auth:api | +--------+----------+-------------+------+---------+--------------+ ``` We need to make some adjustments here. Laravel assumes all API routes will start with /api/, but in Elentra we don't use that convention. Edit the file `Widgets/Providers/RouteServiceProvider.php`, and remove the `'prefix'` directive in the `mapApiRoutes()` function: ![](/files/-LMwrZzYt3ZzLUOKPHHY) Next, change the initial route for the Widget module so it gives us a helpful message. Edit the file `Widgets/Routes/api.php` and replace the commented out return method with an echo. Also remove the call to `middleware('auth:api')`. The `Route::get()` function should now look like: ![](/files/-LMwtvQUGzlLHlY-iRzY) To test this, open a browser of your choice, and try to navigate to the route for the Widget module, which will be `http://elentra-1x-me/api/v2/widgets`. You should see your message now. ![](/files/-LMwxIE9Iab47nrvJKiF) Lets take a look at the routes now, using `php artisan route:list --path=widgets` ``` +--------+----------+---------+------+---------+------------+ | Domain | Method | URI | Name | Action | Middleware | +--------+----------+---------+------+---------+------------+ | | GET|HEAD | widgets | | Closure | api | +--------+----------+---------+------+---------+------------+ ``` Now the URI no longer has the api prefix. You can also see that the middleware is different from before, because we removed the 'auth:api' middleware. Lets add back in the correct authentication middleware, but we will do it in a way that it will apply to all routes in this module {% hint style="danger" %} Do not skip the next step. If you do not add the `api_auth` middleware your routes will be open and public so that anyone can reach it without first logging into Elentra. {% endhint %} Again edit `Widgets/Providers/RouteServiceProvider.php`, and change the `'middleware'` from `'api'` to `'['api', 'api_auth']`. This middleware ensures that the caller is logged in and that the token is valid. After these changes, the mapApiRoutes() function should look like: ![](/files/-LMwsrXCiov72RDsjgvi) Now check the routes again with `php artisan route:list --path=widgets` ``` +--------+----------+---------+------+---------+--------------+ | Domain | Method | URI | Name | Action | Middleware | +--------+----------+---------+------+---------+--------------+ | | GET|HEAD | widgets | | Closure | api,api_auth | +--------+----------+---------+------+---------+--------------+ ``` The `api_auth` middleware is now added, and your routes will now have to be authenticated. {% hint style="danger" %} Did you just skip adding the authentication middleware? Please don't. {% endhint %} With the middleware corrected, try to access the route again from the browser. This time you should get an error: ![](/files/-LMx-OSQA04zl2g6AXHA) This is a great point to set up [Postman](https://www.getpostman.com/) to test your API routes, because you will have to first login to get the token needed for any access to the Widget module, now that the routes are secured. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.elentra.org/api/developers/quickstart-guide/creating-routes-and-controllers.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.